Phishing has become very popular with thieves bent on stealing your passwords and sometimes even money. To phish is a method of sending emails to trick the recipient in surrendering secret information to the attacker. Such emails will pretend to be from your bank, from Ebay, from PayPal or any other organization that may have your private information stored on their servers.

The email will ask you to go to a specific website to "update" your personal
information, often including your credit card number. In reality, this fake
website will just capture that information for the attacker.

It may sound far-fetched that anyone would fall for this tactic, but the
attacker will go a long way to gain your trust: email may look identical to
other email you receive from the organization they are trying to mimic. The URL
you click on may appear to have your bank's name in it, even though it will
direct you elsewhere without you realizing it. And once you reach that URL, the
website may look identical to your bank's website, including all
original graphics and links.

Some new and dangerous phishing techniques go even further to
direct you to their website whenever you go to your bank's website, without your
direct action (read more
here). And while PocoMail and Barca are not vulnerable to this automated
phishing technique, you can still be susceptible to some good social
engineering that tricks you into going to attacker's website yourself and
filling out the forms. Take a look at the following email received by our staff
just this week:

We edited the postcard code and edited the hyperlinks on the URLs from the
original ones. The message looks innocent enough, yet a good eye would notice
that when mousing over the URLs in the message, the URL displayed in the status
bar for that link is completely different from the URL written out in the
message. Many people would assume that clicking on a link that shows
postcards.com in the text would be safe, but that may not always be
the case. These types of hidden URLs are used to con you into thinking that the
email is legitimate. Go ahead and click on the links above and see where you'll
end up!

So be careful whenever being directed to a website by an email you did not
solicit yourself!